From b870e892ebc81c72216538df24eb4586649fe2b2 Mon Sep 17 00:00:00 2001 From: xuyang <748613696@qq.com> Date: Wed, 23 Aug 2023 17:17:17 +0800 Subject: [PATCH] =?UTF-8?q?App=E7=94=A8=E6=88=B7=E5=BF=98=E8=AE=B0?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E5=8A=9F=E8=83=BD=E8=B0=83=E6=95=B4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../njcn/gateway/filter/AuthGlobalFilter.java | 2 +- .../njcn/user/controller/UserController.java | 1 + .../controller/app/AppUserController.java | 12 ++++-- .../njcn/user/service/IAppUserService.java | 2 +- .../njcn/user/service/IUserSetService.java | 10 +++++ .../user/service/impl/AppUserServiceImpl.java | 5 +-- .../user/service/impl/UserSetServiceImpl.java | 40 +++---------------- 7 files changed, 30 insertions(+), 42 deletions(-) diff --git a/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java b/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java index f9dd1031a..7b91aced3 100644 --- a/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java +++ b/pqs-gateway/src/main/java/com/njcn/gateway/filter/AuthGlobalFilter.java @@ -42,7 +42,7 @@ import java.util.List; @RequiredArgsConstructor public class AuthGlobalFilter implements GlobalFilter, Ordered { - private final static List USER_AGENT_IP = Arrays.asList("/pqs-auth/auth/getImgCode", "/pqs-auth/oauth/token", "/user-boot/user/generateSm2Key", "/user-boot/user/updateFirstPassword"); + private final static List USER_AGENT_IP = Arrays.asList("/pqs-auth/auth/getImgCode", "/pqs-auth/oauth/token", "/user-boot/user/generateSm2Key", "/user-boot/user/updateFirstPassword", "/user-boot/appUser/resetPsd"); private final RedisUtil redisUtil; diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/UserController.java b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/UserController.java index db9d5c4f8..4f933b32b 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/UserController.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/UserController.java @@ -315,6 +315,7 @@ public class UserController extends BaseController { @ApiOperation("根据登录名获取公钥") @ApiImplicitParam(name = "loginName", value = "登录名", required = true) public HttpResult generateSm2Key(String loginName, @ApiIgnore HttpServletRequest request) { + System.out.println("request1==:" + request); if (StrUtil.isBlankIfStr(loginName)) { RequestUtil.saveLoginName(LogInfo.UNKNOWN_USER); throw new BusinessException(UserResponseEnum.LOGIN_USERNAME_INVALID); diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java index ba32eced2..4174b7db6 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java @@ -2,6 +2,7 @@ package com.njcn.user.controller.app; import com.njcn.common.pojo.annotation.OperateInfo; import com.njcn.common.pojo.constant.OperateType; +import com.njcn.common.pojo.constant.SecurityConstants; import com.njcn.common.pojo.enums.common.LogEnum; import com.njcn.common.pojo.enums.response.CommonResponseEnum; import com.njcn.common.pojo.response.HttpResult; @@ -9,6 +10,7 @@ import com.njcn.common.utils.HttpResultUtil; import com.njcn.common.utils.LogUtil; import com.njcn.user.service.IAppUserService; import com.njcn.web.controller.BaseController; +import com.njcn.web.utils.IpUtils; import io.swagger.annotations.Api; import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; @@ -22,6 +24,9 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; +import springfox.documentation.annotations.ApiIgnore; + +import javax.servlet.http.HttpServletRequest; /** * 类的介绍: @@ -106,11 +111,12 @@ public class AppUserController extends BaseController { @ApiImplicitParam(name = "phone", value = "手机号", required = true, paramType = "query"), @ApiImplicitParam(name = "code", value = "验证码", required = true, paramType = "query"), @ApiImplicitParam(name = "password", value = "密码", required = true, paramType = "query"), - @ApiImplicitParam(name = "devCode", value = "设备码", required = true, paramType = "query"), + @ApiImplicitParam(name = "devCode", value = "设备码", required = true, paramType = "query") }) - public HttpResult resetPsd(String phone, String code,String password, String devCode) { + public HttpResult resetPsd(String phone, String code,String password, String devCode, @ApiIgnore HttpServletRequest request) { String methodDescribe = getMethodDescribe("modifyPsd"); - appUserService.resetPsd(phone,code,password,devCode); + String ip = request.getHeader(SecurityConstants.REQUEST_HEADER_KEY_CLIENT_REAL_IP); + appUserService.resetPsd(phone,code,password,devCode,ip); return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe); } diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java b/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java index c41630e5d..4e29ffbde 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java @@ -29,7 +29,7 @@ public interface IAppUserService { /** * app用户忘记密码 */ - void resetPsd(String phone, String code, String password, String devCode); + void resetPsd(String phone, String code, String password, String devCode, String ip); /** * 旧手机验证码确认 diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/service/IUserSetService.java b/pqs-user/user-boot/src/main/java/com/njcn/user/service/IUserSetService.java index 438b761e4..e8dd5e731 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/IUserSetService.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/IUserSetService.java @@ -49,6 +49,16 @@ public interface IUserSetService extends IService { */ String updateFirstPassword(String id, String newPassword, String name, String ip); + /** + * App用户忘记密码 + * @param id + * @param newPassword + * @param name + * @param ip + * @return + */ + String forgetPassword(String id, String newPassword, String name, String ip); + /** * 功能描述: diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java index 3561c552c..f992547ca 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java @@ -1,6 +1,5 @@ package com.njcn.user.service.impl; -import cn.hutool.core.util.IdUtil; import com.aliyuncs.DefaultAcsClient; import com.aliyuncs.IAcsClient; import com.aliyuncs.dysmsapi.model.v20170525.SendSmsRequest; @@ -239,7 +238,7 @@ public class AppUserServiceImpl extends ServiceImpl impleme } @Override - public void resetPsd(String phone, String code, String password, String devCode) { + public void resetPsd(String phone, String code, String password, String devCode,String ip) { if (!PubUtils.match(PatternRegex.PHONE_REGEX, phone)){ throw new BusinessException(UserResponseEnum.REGISTER_PHONE_WRONG); } @@ -252,7 +251,7 @@ public class AppUserServiceImpl extends ServiceImpl impleme if (Objects.isNull(user)){ throw new BusinessException(UserResponseEnum.LOGIN_USERNAME_NOT_FOUND); } - String secretPassword = userSetService.updatePassword(user.getId(), password,false); + String secretPassword = userSetService.forgetPassword(user.getId(), password,user.getLoginName(),ip); user.setPassword(secretPassword); user.setPwdValidity(LocalDateTime.now()); user.setLoginTime(LocalDateTime.now()); diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/UserSetServiceImpl.java b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/UserSetServiceImpl.java index 5bb477248..b8f8e12e1 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/UserSetServiceImpl.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/UserSetServiceImpl.java @@ -76,6 +76,12 @@ public class UserSetServiceImpl extends ServiceImpl impl return updatePsd(id,password,true); } + @Override + public String forgetPassword(String id, String newPassword, String name, String ip) { + String password = getSecretPasswordNotLogin(newPassword, name, ip); + return updatePsd(id,password,false); + } + @Override public String getDecryptPassword(String password) { return getSecretPassword(password); @@ -155,40 +161,6 @@ public class UserSetServiceImpl extends ServiceImpl impl return psd; } - private String updateAppPsd(String id, String password) { - Sm4Utils sm4; - String psd,strSm4; - String standard = PatternRegex.PASSWORD_REGEX; - Pattern pattern = Pattern.compile(standard); - Matcher m=pattern.matcher(password); - if (!m.find()){ - throw new BusinessException(UserResponseEnum.SPECIAL_PASSWORD); - } - UserSet userSet = this.lambdaQuery().eq(UserSet::getUserId, id).one(); - QueryWrapper userQueryWrapper = new QueryWrapper<>(); - userQueryWrapper.eq("sys_user.id",id); - User user = userMapper.selectOne(userQueryWrapper); - String secretPassword = user.getPassword(); - if (Objects.isNull(userSet)){ - UserSet newUserSet = new UserSet(); - String secretKey = PubUtils.randomCode(16); - newUserSet.setSecretKey(secretKey); - sm4 = new Sm4Utils(secretKey); - strSm4 = sm4.encryptData_ECB(password); - newUserSet.setStandBy(strSm4); - newUserSet.setUserId(id); - this.save(newUserSet); - psd = sm4.encryptData_ECB(strSm4 + secretKey); - } else { - sm4 = new Sm4Utils(userSet.getSecretKey()); - strSm4 = sm4.encryptData_ECB(password); - psd = sm4.encryptData_ECB(strSm4 + userSet.getSecretKey()); - } - if (Objects.equals(secretPassword,psd)){ - throw new BusinessException(UserResponseEnum.REPEAT_PASSWORD); - } - return psd; - } /** * 未登录